Computer security biz FireEye has withdrawn claims that the Gauss and Flame super-viruses may be linked. This is after it emerged that what FireEye had thought was a shared command-and-control server, used to send instructions to PCs compromised by the malware, was actually a "sinkhole" maintained by rival researchers at …
Trust No One!
"... so innocent mistakes along these lines are more or less inevitable in the absence of better communication among security firms. "
Perhaps if the security firms set up a shared community bulletin board where could post details of their activities....oh, wait a minute.
"... but this was a system set up by the Russian lab, which had asked DNS providers to redirect data sent from the two software nasties so as to examine their network traffic."
By what authority can Kaspersky ask DNS providers to redirect internet data to their own location in order to analyse it? If I'm working on developing a geographically distributed industrial control and monitoring system, of a novel and hopefully profitable nature, can I trust the DNS providers to not divert my data to Kaspersky, or anyone else so that they can analyse it and copy my techniques?
Re: Trust No One!
"...can I trust the DNS providers to not divert my data to Kaspersky, or anyone else so that they can analyse it and copy my techniques?"
Clearly not, and that is more disturbing than the malware they're investigating.
Re: Trust No One!
If you want hard crypto, you know where to get it though.
Or alternatively... the AV industry is actually stoking up the problem of viruses, malware, and worms to perpetuate their own business models. Shady business practices.... in Russia... surely not!
- Product round-up Ten excellent FREE PC apps to brighten your Windows
- Chromecast video on UK, Euro TVs hertz so badly it makes us judder – but Google 'won't fix'
- Analysis Pity the poor Windows developer: The tools for desktop development are in disarray
- Analysis BlackBerry's turnaround relies on a secret weapon: Its own network
- Hire and hold IT staff in 2015: The Reg's how-to guide